Opened 9 years ago

Last modified 8 years ago

#7655 new enhancement

BIND is a big memory hog, complex - replace with dnsmasq, djbdns

Reported by: martinlanghoff Owned by: martin.langhoff
Priority: normal Milestone: Future Release
Component: school server Version: not specified
Keywords: fedoradev Cc: jerub
Blocked By: Blocking:
Deployments affected: Action Needed: never set
Verified: no


BIND is overkill for our purposes. At the current time, it sits on 26MB RAM just to serve 6 domain names we host, and act as a resolving nameserver.

Additionally, it is not a daemon known for security or resiliency.

Task: check the viability of replacing BIND+DHCPd with dnsmasq. If dnsmasq is not as good as expected, we can settle with replacing just BIND with djbdns. Thankfully djbdns now has a more sensible license.

Change History (2)

comment:1 Changed 9 years ago by martin.langhoff

  • Keywords fedoradev added

comment:2 Changed 8 years ago by jerub

  • Cc jerub added

As an addendum to this ticket, bind is currently configured on the school server to ONLY use a source port of '53' for all DNS requests. This is a security problem, and can result in exceptionally easy cache poisoning.

Note: See TracTickets for help on using tickets.